(54) System and method for restoring computer files over a wide area computer network

(57) A user computer (16) backs up its files via the Internet to a data center (12). Should the user computer (16) malfunction or be lost, the user can contact the vendor of the computer, and in response a vendor computer (18) sends a request for data to the data center (12). The data center (12) downloads the data via the Internet onto a bootable disk partition established on the vendor computer (18), and the vendor computer (18) then transfers what is essentially an image of the disk of the user computer (16) onto a replacement computer (22). The replacement computer (22) can be a new computer or the repaired original user computer (16).
Description

FIELD OF THE INVENTION

[0001] The present invention relates generally to computer file back up systems, and more particularly to automated computer file back up systems.

BACKGROUND

[0002] The above-referenced patent applications disclose methods and systems for backing up computers over the Internet. As disclosed therein, a user's computer files are backed up block by block using the message digest (MD) 5 derived from the data. A changed MD5 from a previous backup indicates a changed or new block, in any case a block to be backed up. Changed blocks are encoded and sent via the Internet to a data center, where the blocks and/or files of a user's computer are stored in their encoded form.

[0003] As set forth further in the above-referenced applications, should a user's computer lose some or all of its data, the data can be retrieved from the data center, and then decoded by the user's computer. The above-referenced inventions accordingly provide an effective and secure mechanism for automatically backing up computer files to a safe, off-site facility with minimal human action required to execute a periodic backup.
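The block-by-block change detection of [0002], as an added example that is not code from the patent or its referenced applications: a manifest of per-block MD5 digests from the previous backup is compared against the current file, and only blocks whose digest changed or which have no prior entry are selected for sending. The block size and manifest layout are assumptions made here; the page specifies neither.

```python
"""Added example: per-block MD5 manifest diff as described in [0002].
Block size and manifest layout are assumptions; the page fixes only MD5."""
import hashlib

BLOCK_SIZE = 4096  # assumed block size; the page does not give one


def block_digests(data: bytes, block_size: int = BLOCK_SIZE) -> list:
    """MD5 hex digest of every fixed-size block of `data`, in file order."""
    return [hashlib.md5(data[i:i + block_size]).hexdigest()
            for i in range(0, len(data), block_size)]


def changed_blocks(previous: list, data: bytes, block_size: int = BLOCK_SIZE):
    """Return (blocks_to_send, new_manifest).

    A block is selected when its MD5 differs from the previous backup's
    manifest entry at the same index, or when there is no entry at all
    (a new block). Unchanged blocks are not re-sent; their digests alone
    carry forward into the new manifest.
    """
    current = block_digests(data, block_size)
    to_send = []
    for index, digest in enumerate(current):
        prior = previous[index] if index < len(previous) else None
        if digest != prior:
            start = index * block_size
            to_send.append((index, digest, data[start:start + block_size]))
    return to_send, current


# Constructed sample: a three-block file, then the same file with block 1
# edited and a partial fourth block appended.
FIRST_BACKUP = b"A" * BLOCK_SIZE + b"B" * BLOCK_SIZE + b"C" * BLOCK_SIZE
SECOND_BACKUP = (b"A" * BLOCK_SIZE + b"b" * BLOCK_SIZE
                 + b"C" * BLOCK_SIZE + b"D" * 100)


def demo():
    """Indices selected on the first (full) and second (incremental) backup."""
    first_sent, manifest = changed_blocks([], FIRST_BACKUP)
    second_sent, manifest = changed_blocks(manifest, SECOND_BACKUP)
    return ([i for i, _, _ in first_sent], [i for i, _, _ in second_sent])


if __name__ == "__main__":
    print(demo())
```

The first run selects every block because there is no prior manifest; the second selects only the edited block and the new one. MD5 is what the page specifies for this comparison; for change detection alone that is adequate, but it gives no protection against deliberate tampering, so a current design would pair the per-block digest with a keyed MAC or an authenticated cipher on the stored blocks.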

[0004] As recognized by the present invention, it might happen that a third party computer vendor may wish to provide a service to its customers that involves off-site backups. Such a vendor might not want to maintain a data center complex, but might nonetheless wish to employ the principles set forth in the aforementioned patents and applications in rendering its service. It is an object of the present invention to address this issue.

SUMMARY OF THE INVENTION

[0005] A method for recovering from loss of data in an original user computer includes backing up the data from the original user computer to a data center via the Internet, and then subsequently receiving a user request for a replacement user computer having the data stored thereon when, for instance, the original computer malfunctions or is lost. In response to the user request, at the data center a vendor request for the data is received. In response to the vendor request, the data is transmitted via the Internet from the data center to a vendor facility, where the data is recorded onto a replacement user computer that subsequently is made available to the user. As understood by the present invention, the replacement computer can be a repaired version of the original user computer, or a new computer.

[0006] In a preferred embodiment, the vendor request includes an identification of the original user computer, and the vendor request is authenticated prior to transmitting the data via the Internet from the data center to the vendor facility. Also, the method can include fulfilling one and only one vendor request for data for an original user computer, for security purposes.

[0007] In a particularly preferred embodiment, the method includes establishing a bootable disk partition at a vendor computer. Then, the data is downloaded from the data center into the bootable disk partition. Next, the data is transferred from the bootable disk partition to the replacement computer. In this way, malfunctioning of the replacement computer due to downloading operating system files onto it is avoided.

[0008] In another aspect, a computer program storage device includes a program of instructions that are readable by a data center computer for backing up data from a user computer over the Internet. The method acts embodied by the instructions include receiving a request from a vendor of the user computer for the data, with the request including an identification of the user computer. The request is sent over the Internet to a vendor computer for subsequent recording of the data onto a replacement user computer.

[0009] In still another aspect, a computer program storage device includes a program of instructions that are readable by a vendor computer for transmitting, via a wide area network, a request for data pertaining to the user computer and stored at a remote data center, in response to a request to recover from a user computer malfunction or loss. The instructions also include receiving the data from the data center, and recording the data onto a replacement computer, which is then made available to the user.

[0010] The details of the present invention, both as to its structure and operation, can best be understood in reference to the accompanying drawings, in which like reference numerals refer to like parts, and in which:

BRIEF DESCRIPTION OF THE DRAWINGS

[0011]

Figure 1 is a schematic diagram of the architecture of the present invention;

Figure 2 is a flow chart of the present logic;

Figure 3 is a flow chart of the process for encrypting data to be backed up; and

Figure 4 is a flow chart of the process for decrypting backed up data received from the data center.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0012] Referring initially to Figure 1, a system is shown, generally designated 10, which includes a server computer, referred to herein as a data center computer 12, which is part of a computer network. In the preferred embodiment, the data center computer 12 is part of the computer network 14 referred to as the Internet, and the data center computer 12 can communicate with other computers on the network 14 via a modem, LAN, WAN, or other network device.

[0013] As disclosed in the patents and applications referred to above, user computers 16 communicate with the data center computer 12 to back up files on the user computers 16 to the data center computer 12 via the Internet. Accordingly, the details of the particular backup logic used are omitted herein for clarity of disclosure, except as the logic is modified to undertake the present invention. The user computers 16 can be laptop computers, desktop computers, palmtop computers, network server computers, or any other computers for which a data backup is desired.

[0014] Should a user computer 16 malfunction or be lost, the owner can contact the vendor of the computer 16 to request a replacement, complete with an image of the disk of the original user computer 16. In response, a vendor computer 18 communicates a request for data, including the identification of the user computer 16, to the data center 12 via a T1 line 20, other Internet connection, or other communication path of a wide area network. As disclosed in greater detail below, after the vendor computer 18 has downloaded the data from the data center computer 12, it records the data onto a replacement computer 22. The replacement computer 22, which can be a new computer or a repaired version of the original user computer 16, is then made available to the user by, e.g., shipping the replacement computer 22 to the user.

[0015] To undertake the logic of the present invention, the data center computer 12 accesses a data center module 24, and the vendor computer 18 accesses a vendor module 26. Figure 2 illustrates the structure of the modules 24, 26 of the present invention as embodied in computer program software. Those skilled in the art will appreciate that the Figures illustrate the structures of logic elements, such as computer program code elements or electronic logic circuits, that function according to this invention. Manifestly, the invention is practiced in its essential embodiment by a machine component that renders the logic elements in a form that instructs a digital processing apparatus (that is, a computer) to perform a sequence of function steps corresponding to those shown in the Figures.

[0016] These instructions may reside on a program storage device including a data storage medium to establish a computer program product, such as a programmed computer diskette. Alternatively, such media can also be found in semiconductor devices, on magnetic tape, on optical disks, on a DASD array, on a conventional hard disk drive, on electronic read-only memory or on electronic random access memory, or other appropriate data storage device. In an illustrative embodiment of the invention, the logic means are computer-executable instructions that are written in C++ language code.

[0017] Referring now to Figure 2, the overall logic of the present invention can be seen. Commencing at block 28, data from the user computer 16 such as file blocks are backed up to the data center computer 12 using the inventions disclosed in the above-referenced patents and applications. At block 30, the user computer 16 can become lost or can malfunction due to, e.g., damage, in which case the user can instruct, at block 32, the vendor to recover from the loss or malfunction.

[0018] In response to the user's request for recovery, at block 34 the vendor contacts the data center computer using, e.g., the vendor computer 18, to request a download of the user computer 16 file blocks. As part of the request, the vendor sends the identification of the user computer 16 to the data center computer 12 via the T1 line 20.

[0019] Moving to block 36, the data center computer 12 authenticates the vendor request. Also, the vendor computer 18 can authenticate the data center computer 12. This authentication can be undertaken using public key/private key principles. As part of the authentication, the data center computer 12 can, if desired, ascertain whether a prior request has been made by the vendor for data pertaining to the computer associated with the identification received at block 34. If so, subsequent requests can be refused, because only a single valid vendor request for any given computer is anticipated. Additional requests would be considered irregular and refused until the validity of the additional requests could be verified.
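The data-center side of block 36, as an added example that is not code from the patent: the vendor request is authenticated, at most one request per user computer identification is fulfilled, and any later request for the same computer is held as irregular until it can be verified. The page specifies public key/private key authentication; to keep this example free of extra libraries an HMAC with a per-vendor secret stands in for that signature check, which is an assumption made here. The vendor and computer identifiers and the request layout are constructed for the sample.

```python
"""Added example: authenticate a vendor request and fulfil it only once ([0019]).
HMAC over the request stands in for the page's public/private key check (assumption)."""
import hashlib
import hmac
import json


def canonical(request: dict) -> bytes:
    """Deterministic encoding so vendor and data center sign and verify the same bytes."""
    return json.dumps(request, sort_keys=True, separators=(",", ":")).encode()


def vendor_sign(secret: bytes, request: dict) -> str:
    """What the vendor computer (18) attaches to its request (stand-in for a signature)."""
    return hmac.new(secret, canonical(request), hashlib.sha256).hexdigest()


class DataCenter:
    def __init__(self, vendor_secrets: dict, backups: dict):
        self.vendor_secrets = vendor_secrets  # vendor id -> verification secret
        self.backups = backups                # user computer id -> stored blocks
        self.fulfilled = {}                   # user computer id -> vendor already served
        self.held = []                        # irregular requests awaiting verification
        self.audit = []                       # (decision, reason, vendor, computer)

    def _authentic(self, request: dict, signature: str) -> bool:
        secret = self.vendor_secrets.get(request.get("vendor"))
        if secret is None:
            return False
        expected = hmac.new(secret, canonical(request), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, signature)

    def handle(self, request: dict, signature: str):
        """Return (decision, blocks); blocks is None unless the request is fulfilled."""
        vendor, computer = request.get("vendor"), request.get("computer_id")
        if not self._authentic(request, signature):
            self.audit.append(("refused", "authentication failed", vendor, computer))
            return "refused", None
        if computer not in self.backups:
            self.audit.append(("refused", "no backup for this identification", vendor, computer))
            return "refused", None
        if computer in self.fulfilled:
            # Only one valid vendor request per computer is anticipated; a repeat
            # is irregular and is refused until its validity can be verified.
            self.held.append((request, signature))
            self.audit.append(("held", "prior request already fulfilled", vendor, computer))
            return "held", None
        self.fulfilled[computer] = vendor
        self.audit.append(("fulfilled", "ok", vendor, computer))
        return "fulfilled", self.backups[computer]


def demo():
    """Constructed run: a good request, a repeat of it, a forged copy, an unknown computer."""
    secret = b"constructed-vendor-secret"
    dc = DataCenter(vendor_secrets={"vendor-18": secret},
                    backups={"user-computer-16": [b"block-0", b"block-1"]})
    request = {"vendor": "vendor-18", "computer_id": "user-computer-16"}
    good = vendor_sign(secret, request)
    first, blocks = dc.handle(request, good)
    second, _ = dc.handle(request, good)
    forged, _ = dc.handle(request, "0" * 64)
    unknown_req = {"vendor": "vendor-18", "computer_id": "never-backed-up"}
    unknown, _ = dc.handle(unknown_req, vendor_sign(secret, unknown_req))
    return first, second, forged, unknown, len(blocks), len(dc.held)


if __name__ == "__main__":
    print(demo())
```

The check runs in the order the paragraph gives: authenticity first, then the one-request rule, so an unauthenticated party cannot learn from the response whether a computer identification has already been served. Only the data center's verification of the vendor is shown; the page's optional reverse direction, the vendor computer authenticating the data center, would be the same construction with the roles swapped.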

[0020] After authentication, the logic moves to block 38 to establish a bootable partition on a disk or other storage volume associated with the vendor computer 18. The vendor computer 18 then executes the remote restore logic shown in Figures 3 and 4 at block 40 to download the data via the Internet from the data center computer 12 to the bootable partition. Proceeding to block 42, the data, which is essentially an image of the disk of the user computer 16 before it malfunctioned or was lost, is recorded or otherwise transferred to the replacement computer 22, typically located at the vendor's facility and operating off of its "A" (removable diskette) drive during file transfer. By first downloading the data onto a bootable partition of the vendor computer 18 and then recording the data onto the replacement computer 22 as the replacement computer 22 operates off of its "A" drive, unintentional "crashing" of the replacement computer, which could otherwise be caused by downloading certain "C" (main) drive operating system files, is avoided. The replacement computer 22 is then provided or sent or otherwise made available to the user at block 44.

[0021] Figures 3 and 4 show details of the remote restore logic mentioned above. Commencing at block 46, at a user computer 16, the digital signature MD5 code for each block for which backup has been selected by the steps disclosed in the above-referenced patent and applications is determined and attached to its respective data block, and then the digital signature MD5 code with data block is compressed using compression principles known in the art. Moving to block 48, the data block, but not the MD5 code, is encrypted with a user-selected key on a user key list. From block 48, the process ends at state 50, it being understood that further transmission steps can be undertaken.

[0022] Subsequently, when the remote restore logic is to be invoked as discussed above, the vendor computer 18 invokes the steps shown in Figure 4. Commencing at block 52, the vendor computer receives the blocks to be restored from the data center and then undertakes the following steps for each block. At block 54, the computer selects the first encryption key in the list from the user computer 16, and then at block 56 the vendor computer 18 decrypts and decompresses the block. Moving to decision diamond 58, the vendor computer 18 determines whether decompression failed as indicated by, e.g., data overflow. If decompression failed, the process moves to block 60 to select the next key in the list, and then loops back to block 56 to again attempt decompression.

[0023] If, on the other hand, decompression is determined at decision diamond 58 to have been executed satisfactorily, the process moves to block 62 to further validate the key under test by stripping the digital signature MD5 code from the packet and then calculating anew the digital signature MD5 code of the data that is associated with the decrypted block. In undertaking the process at block 62, the present invention understands that the digital signature MD5 code is a 128 bit-long string that is appended to the data with which it is associated in a known location, and that consequently the digital signature MD5 code easily can be stripped.

[0024] At decision diamond 64 the calculated digital signature MD5 code of the decrypted data is compared to the decrypted digital signature MD5 code that had been stripped from the data at block 62. If the two digital signature MD5 codes match each other at decision diamond 64, the key under test has been validated and the process returns "correct key" at block 66. Then the process retrieves the next data portion at block 52. Otherwise, the process loops back to block 60 to retrieve the next key in the user computer's key list. Once the blocks of a file have been decompressed and decrypted, they are stitched back together in the proper sequence to render a restored version of the file.

[0025] In the preferred embodiment, the MD5 signatures for entire files are also determined and recorded at backup time, as well as the per-block signatures. During the restoration process, after all blocks of a file have been decompressed, decrypted, and stitched back together, the MD5 of the newly recovered file is compared to that of the original file to ensure that the file that has been restored is indeed the file that was backed up.
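The per-block packaging of Figure 3 (blocks 46 to 48), the key-trial restore of Figure 4 (blocks 52 to 66) and the whole-file check of [0025], carried through together as an added example that is not code from the patent. The page fixes only MD5, compression and a user-selected key from a key list; the packet layout used here (the 16-byte MD5 in the clear, followed by the encrypted compressed block) and the hash-based XOR keystream that stands in for the unspecified cipher are assumptions made for this example and not a recommended design. The key list, block size and file contents are constructed.

```python
"""Added example: Figure 3 packaging, Figure 4 key trial, [0025] file check.
Packet layout and the stand-in cipher are assumptions, not the page's design."""
import hashlib
import zlib

MD5_LEN = 16  # the 128-bit digest sits in a known location: the first 16 bytes


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in cipher (assumption): SHA-256 in counter mode as a keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def pack_block(data: bytes, key: bytes) -> bytes:
    """Figure 3, blocks 46-48: attach the MD5, compress, encrypt the data but not the MD5."""
    return hashlib.md5(data).digest() + xor_stream(key, zlib.compress(data))


def try_key(packet: bytes, key: bytes):
    """Figure 4, blocks 56-64: the plaintext block if `key` validates, else None."""
    digest, body = packet[:MD5_LEN], packet[MD5_LEN:]
    try:
        data = zlib.decompress(xor_stream(key, body))
    except zlib.error:
        return None  # decision diamond 58: decompression failed, so wrong key
    if hashlib.md5(data).digest() != digest:
        return None  # decision diamond 64: recomputed MD5 does not match
    return data


def restore_block(packet: bytes, key_list):
    """Blocks 54-66: walk the user's key list until one key validates."""
    for key in key_list:
        data = try_key(packet, key)
        if data is not None:
            return key, data  # block 66: "correct key"
    raise ValueError("no key in the user's key list decrypts this block")


def restore_file(packets, key_list, file_md5: bytes) -> bytes:
    """Stitch the blocks back in order, then apply the whole-file check of [0025]."""
    restored = b"".join(restore_block(packet, key_list)[1] for packet in packets)
    if hashlib.md5(restored).digest() != file_md5:
        raise ValueError("restored file does not match the file that was backed up")
    return restored


# Constructed sample: a small "disk image" split into 512-byte blocks, each
# block backed up under a key the user selected from a three-entry key list.
USER_KEY_LIST = [b"user-key-1", b"user-key-2", b"user-key-3"]
ORIGINAL_FILE = b"AUTOEXEC.BAT line\r\n" * 50 + b"CONFIG.SYS line\r\n" * 50
BLOCK_SIZE = 512
BLOCKS = [ORIGINAL_FILE[i:i + BLOCK_SIZE] for i in range(0, len(ORIGINAL_FILE), BLOCK_SIZE)]
BLOCK_KEYS = [USER_KEY_LIST[(2 * i) % 3] for i in range(len(BLOCKS))]
PACKETS = [pack_block(block, key) for block, key in zip(BLOCKS, BLOCK_KEYS)]
FILE_MD5 = hashlib.md5(ORIGINAL_FILE).digest()  # recorded at backup time ([0025])


def demo() -> bool:
    """Restore the sample and report whether it reproduced the original file."""
    return restore_file(PACKETS, USER_KEY_LIST, FILE_MD5) == ORIGINAL_FILE


if __name__ == "__main__":
    print("restored OK:", demo())
```

A wrong key turns the compressed body into noise, so decompression raises before any MD5 is computed, which is the "decompression failed" branch at decision diamond 58; the MD5 comparison at 64 catches the rarer case of noise that still decompresses. Both checks serve key selection, not tamper detection: the digest is unkeyed and unencrypted, so an adversary who can alter a stored packet can alter its MD5 to match, and a current design would use a keyed MAC or an authenticated cipher over each block instead.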

[0026] While the particular SYSTEM AND METHOD FOR RESTORING COMPUTER FILES OVER A WIDE AREA COMPUTER NETWORK as herein shown and described in detail is fully capable of attaining the above-described objects of the invention, it is to be understood that it is the presently preferred embodiment of the present invention and is thus representative of the subject matter which is broadly contemplated by the present invention, that the scope of the present invention fully encompasses other embodiments which may become obvious to those skilled in the art, and that the scope of the present invention is accordingly to be limited by nothing other than the appended claims, in which reference to an element in the singular is not intended to mean "one and only one" unless explicitly so stated, but rather "one or more".

Claims

1. A method for recovering from loss of data in an original user computer (16), the improvement characterised by:

backing up the data from the original user computer (16) to a data center (12) via the Internet; then subsequently

receiving a user request for a replacement user computer (22) having the data stored thereon;

receiving, at the data center (12), a vendor request for the data in response to the user request;

in response to the vendor request, transmitting the data via the Internet from the data center (12) to a vendor facility;

at the vendor facility, recording the data onto a replacement user computer (22); and

making the replacement computer (22) available to the user.

2. The method of Claim 1, wherein the replacement computer (22) is the original user computer (16).

3. The method of Claim 1, wherein the vendor request includes an identification of the original user computer (16).

4. The method of Claim 3, wherein the vendor request is authenticated prior to transmitting the data via the Internet from the data center (12) to the vendor facility.

5. The method of Claim 1, further comprising fulfilling one and only one vendor request for data for an original user computer (16).

6. The method of Claim 1, further comprising:

establishing a bootable disk partition at a vendor computer (18);

downloading the data from the data center (12) into the bootable disk partition; and

transferring the data from the bootable disk partition to the replacement computer (22).

7. A computer program storage device including a program of instructions readable by a data center computer (12) to undertake method acts for preserving data backed up over the Internet from a user computer (16), the improvement characterised by:

subsequent to backing up the user computer (16), receiving a request from a vendor of the user computer (16) for the data, the request including an identification of the user computer (16); and

sending the request over the Internet to a vendor computer (18) for subsequent recording of the data onto a replacement user computer (22).

8. The computer program storage device of Claim 7, wherein the method acts embodied by the instructions include authenticating the request from the vendor.

9. The computer program storage device of Claim 7, wherein the method acts embodied by the instructions include fulfilling one and only one vendor request for data for any given user computer (16).

10. A computer program storage device including a program of instructions readable by a vendor computer (18) to undertake method acts for recovering lost data in response to a request to recover from a user computer (16) malfunction or loss, the improvement characterised by:

transmitting, via a wide area network, a request for data pertaining to the user computer (16) and stored at a data center (12) remote from the user computer (16);

receiving the data from the data center (12); and

recording the data onto a replacement computer, such that a mirror image of the user computer can be made available to the user.

11. The computer program storage device of Claim 10, wherein the method acts embodied by the instructions include:

sending an identification of the user computer (16) to the data center (12).

12. The computer program storage device of Claim 10, wherein the method acts embodied by the instructions include:

establishing a bootable partition on a storage volume;

receiving the data from the data center (12) onto the partition; and

transferring the data from the partition to the replacement computer.

13. A computer program which when running on a computer network, is capable of performing the method as claimed in any one of claims 1 to 6.